Disclaimer: We can't stop Human Spam Bots though
The Problem
We are afraid to show our email ID to our website users as we all know it definitely attracts bots.
The Broken Solution
To beat spam bots, we have used some solutions like this
email [at] example [dot] com
Even its a good idea to show it this way, There are two problems.
- Bot can easily programmed to parse email from this format.
- Its actually a UX pain point for users to send email.
The Real Solution
There is one way we can use to hide email address to bots but your users won't even notice it.
It is by using an Email Obsfuscator which converts your email using Character Entities. You can do this online with two clicks. Check out this online obfuscator
// Before
<a href="mailto:email@example.com">email@example.com</a>
// After
<a href='mailto:ema%69l@%65x%61mple.com'>email@example.com</a>
// User See
email@example.com
Yes. The code looks funny, but it works. It keeps out the bots as they are scanning the code. What I really like in the solution is it won't obfuscate all characters. Instead they leave some as normal. This makes even hard for bots to convert the entities to normal email. Pretty neat idea.
Are you using this method already? What do you think? Let me know your comments.
Top comments (7)
The Broken Solution:
"Bot can easily programmed to parse email from this format"
The Real Solution:
Is there any reason why bots are not able to adapt to decode the mailto string - it is also just a format?
Doesn't work with bots that look for dynamically loaded content or already processed html..
You can try this method with this tool:
antheta.com/
And the url to scrape: antheta.com/demo/demo5.html
I'd say the best way to hide them using a server side script or a recaptcha.
There is an even better trick. It's called Email cloaking.
Check the following repo:
github.com/martignoni/hugo-cloak-e...
What about Bots rendering javascript (like your browser) look trough the (rendered) DOM and simulate the return value of the click event attached to "a" tags?
In my opinion there is no "Real" solution for this. It will prevent basic html fetch bots to receive email-adresses, but once a more sophisticated bot has an email address you will find it soon it a number of databases used for spamming.
Use can VeilMail.io to hide email address from spammers
Some comments may only be visible to logged-in visitors. Sign in to view all comments. Some comments have been hidden by the post's author - find out more